AU2009222588A1 - Real-time data protection method and data protection device for implementing the same - Google Patents
Real-time data protection method and data protection device for implementing the same Download PDFInfo
- Publication number
- AU2009222588A1 AU2009222588A1 AU2009222588A AU2009222588A AU2009222588A1 AU 2009222588 A1 AU2009222588 A1 AU 2009222588A1 AU 2009222588 A AU2009222588 A AU 2009222588A AU 2009222588 A AU2009222588 A AU 2009222588A AU 2009222588 A1 AU2009222588 A1 AU 2009222588A1
- Authority
- AU
- Australia
- Prior art keywords
- data
- data protection
- computing device
- protection device
- configuring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/08—Error detection or correction by redundancy in data representation, e.g. by using checking codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/26—Functional testing
- G06F11/263—Generation of test inputs, e.g. test vectors, patterns or sequences ; with adaptation of the tested hardware for testability with external testers
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Storage Device Security (AREA)
- Emergency Protection Circuit Devices (AREA)
Description
P/00/011 Regulation 3.2 AUSTRALIA Patents Act 1990 COMPLETE SPECIFICATION STANDARD PATENT Invention Title: Real-time data protection method and data protection device for implementing the same The following statement is a full description of this invention, including the best method of performing it known to us: 1A REAL-TIME DATA PROTECTION METHOD AND DATA PROTECTION DEVICE FOR IMPLEMENTING THE SAME This invention relates to a data protection method, particularly to a real-time data protection method. 5 As the information industry progresses, computers and the Internet, through which computer information are accessed, have become indispensable communication tools in our daily lives. This results in proliferation of hackers who intentionally and maliciously intrude 10 into a computer system and alter or destroy data or programs in thecomputersystem. Thisposesamajor threat to the reliability of computer information. Various techniques have been proposed to counter that threat. One conventional technique utilizes a computer 15 firewall. Unfortunately, computer firewalls have security loopholes that may be exploited by a hacker to get through the computer firewall and gain access to information in a computer. In another conventional technique, input data are 20 manually inspected to determine whether the input data have been modified. This conventional technique, however, is time consuming. In yet another conventional technique, a program calculates a hash value for each packet of input data 25 using a hash function and stores the input data in a storage device. A different hash value calculated at a later time indicates whether or not the corresponding 2 packet of the input data has been modified. The modified input data may be recovered using an original copy of the input data previously stored in the storage device. This conventional technique is disadvantageous in that 5 a large capacity storage device is required. Inaddition, the program is vulnerable to viruses and hackers. Therefore, an object of the present invention is to provide a real-time data protection method that can overcome the aforesaid drawbacks of the prior art. 10 Another object of the present invention is to provide a data protection device that implements the real-time data protection method. According to an aspect of the present invention, a real-time data protection method is implemented by a 15 data protection device, and comprises: A) configuring the data protection device to receive input data from an input device; B) configuring the data protection device to store the input data received in step A) ; C) configuring the data protection device to send the input 20 data stored in step B) to a computing device, the computing device generating result data based on the input data sent thereto by the data protection device; D) configuring the data protection device to receive the resultdata fromthe computingdevice; E) configuring 25 the data protection device to generate test data that correspond to the result data received in step D) ; F) configuring the data protection device to compare the 3 test data generated in step E) to the input data stored in step B) ; and G) when it is determined in step F) that the test data are not identical to the input data, configuring the data protection device to indicate that 5 the result data have been modified. According to another aspect of the present invention, a data protection device comprises a comparing unit and a test data-generating unit. The comparing unit is adapted to be coupled to an input device and a computing 10 device, and is configured to receive input data from the input device, to store the input data received thereby, and to send the input data to the computing device. The computing device generates result data based on the input data sent thereto by the comparing unit. The test 15 data-generating unit is coupled to the comparing unit, is adapted to be coupled to the computing device, and is configured to receive the result data from the computing device, to generate test data that correspond to the result data received thereby, and to send the 20 test data generated thereby to the comparing unit. The comparing unit is further configured to receive the test data sent thereto by the test data-generating unit, to compare the test data received thereby to the input data stored thereby, and to indicate that the result data 25 have been modified when it is determined thereby that the test data are not identical to the input data. Other features and advantages of the present 4 invention will become apparent in the following detailed description of the preferred embodiment with reference to the accompanying drawings, of which: Figure 1 is a circuit block diagram of the preferred 5 embodiment of a data protection device according to the present invention; and Figures 2 and 3 are flow charts of the preferred embodiment of a real-time data protection method according to the present invention to be implemented 10 using the data protection device shown in Figure 1. Referring to Figure 1, the preferred embodiment of a data protection device 3 according to this invention is shown to include a comparing unit 31 and a test data-generating unit 32. 15 The comparing unit 31 is connected to an input device 1, a computing device 2, and a storage device 5. The input device 1 may be a computer keyboard, a computer mouse, or a touch panel. The computing device 2 is installed with an operating 20 system, and a word processing application program 24, e.g., Microsoft Word, which resides in the operating system, and is connected to a display device 4. The storage device 5 stores therein first, second, and thirdexecutable files, eachofwhichhasanattribute 25 that is set to hidden. The test data-generating unit 32 is connected to the comparing unit 31 and the computing device 2.
5 The data protection device 3 further includes a controlling unit 33 connected to and controlling operations of the comparing unit 31 and the test data-generating unit 32. 5 The preferred embodiment of a real-time data protection method to be implemented by the aforementioned data protection device 3 according to this invention will now be described with further reference to Figures 2 and 3. 10 In step 51, the comparing unit 31 sets the attributes of the first, second, and third executable files stored in the storage device 5 to read-only, and subsequently installs the first, second, and third executable files into the computing device 2, whereby the first, second, 15 and third executable files serve as first, second, and third application programs 21, 22, 23 that reside in the operating system, respectively. In step 52, the comparing unit 31 receives input data from the input device 1. 20 In step 53, the comparing unit 31 stores therein the input data received in step 52. Alternatively, in this step, the input data may be stored in the storage device 5. In step 54, the comparing unit 31 sends the input 25 data stored in step 53 to the first application program 21. The first application program 21 receives the input 6 data sent thereto by the comparing unit 31, generates result data based on the input data received thereby, and sends the result data to the word processing application program 24. 5 The second application program 22 detects the result data generated by the first application program 21, and sends the result data detected thereby to the third application program 23. The third application program 23 receives the result 10 data sent thereto by the second application program 22, and sends the result data received thereby to the test data-generating unit 32. In step 55, the test data-generating unit 32 receives the result data sent thereto by the third application 15 program 23. Instep56, the testdata-generatingunit32generates test data that correspond to the result data received in step 55. For example, suppose that the first application 20 program2lisaChineseinputmethodeditor (IME) . Suppose further that the input data received in step 52 are in the form of pinyin. The result data generated by the first application program 21 are thus associated with Chinese characters and the test data generated in this 25 step are thus in the form of pinyin. In step 57, the test data-generating unit 32 sends the test data generated in step 56 to the comparing unit 7 31. In step 58, the comparing unit 31 receives the test data sent thereto in step 57. In step 59, the comparing unit 31 compares the test 5 data received in step 58 to the input data stored in step 53. In step 60, when it is determined in step 59 that the test data are not identical to the input data, the flow proceeds to step 61. Otherwise, i.e., it is 10 determined in step 59 that the test data are identical to the input data, the flow proceeds to step 62. In step 61, the comparing unit 31 indicates that the result data have been modified, prompts the third application program 23 to discard the result data, 15 generates a warning message, and sends the warning message to the third applicationprogram23. Thereafter, the flow goes back to step 52. The third application program 23 controls the display device 4 to show the warning message sent to the third 20 application program 23 by the comparing unit 31. In step 62, the comparing unit 31 indicates that the result data have not been modified, stores the result data received in step 55 in the storage device 5, and sets an attribute of the result data stored thereby to 25 hidden. Thereafter, the flow goes back to step 52. The result data stored in this step can be used for data recovery when required in the future.
8 From the above description, since the comparing unit 31 stores an original copy of the input data, based on which the computing device 2 generates the result data, since the test data-generating unit 32 generates the 5 test data that correspond to the result data, and since the comparing unit 31 compares the test data to the original copy of the input data stored thereby, the data protection device 3 of this invention determines in real-time whether the result data have been modified. 10 Furthermore, since the attributes of the first, second, and third executable files are set to read-only prior to installation thereof in the computing device 2 by the comparing unit 31, the first, second, and third executable files are prevented from being modified. 15
Claims (13)
1. A real-time data protection method to be implemented by a data protection device coupled to an input device and a computing device, said real-time data protection 5 method comprising: A) configuring the data protection device to receive input data from the input device; B) configuring the data protection device to store the input data received in step A); 10 C) configuring the data protection device to send the input data stored in step B) to the computing device, the computing device generating result data based on the input data sent thereto by the data protection device; D) configuring the data protection device to receive 15 the result data from the computing device; E) configuring the dataprotection device to generate test data that correspond to the result data received in step D) ; F) configuring the data protection device to compare 20 the test data generated in step E) to the input data stored in step B); and G) when it is determined in step F) that the test data are not identical to the input data, configuring the data protection device to indicate that the result 25 data have been modified.
2. The real-time data protection method as claimed in Claim 1, further comprising: 10 H) when it is determined in step F) that the test data are identical to the input data, configuring the data protection device to indicate that the result data have not been modified. 5
3. The real-time data protection method as claimed in Claim2, the data protectiondevice being further coupled to a storage device, wherein step H) includes the sub-steps of: hl) configuring the data protection device to store 10 the result data received in step D) in the storage device; and h2) configuring the data protection device to set an attribute of the result data stored in sub-step hl) to hidden. 15
4. The real-time data protection method as claimed in Claim 1, the data protection device being further coupled to a storage device, wherein, in step B), the input data is stored in one of the data protection device and the storage device. 20 5. The real-time data protection method as claimed in Claim 1, the computing device being coupled to a display device, wherein step G) includes the sub-steps of: gl) configuring the data protection device to prompt the computing device to discard the result data; 25 g2) configuring the data protection device to generate a warning message; and g3) configuring the data protection device to send 11 the warning message generated in sub-step g2) to the computing device, the computing device controlling the display device to show the warning message sent thereto by the data protection device.
5
6. The real-time data protection method as claimed in Claims, the data protection device being further coupled to a storage device, said real-time data protection method further comprising: I) configuring the data protection device to set an 10 attribute of an executable file stored in the storage device to read-only; and J) configuring the data protection device to install the executable file into the computing device, thereby permitting the computing device to generate the result 15 data.
7. The real-time data protection method as claimed in Claims, the data protectiondevicebeing further coupled to a storage device, said real-time data protection method further comprising: 20 I) configuring the data protection device to set an attribute of an executable file stored in the storage device to read-only; and J) configuring the data protection device to install the executable file into the computing device, thereby 25 permitting the computing device to send the result data generated thereby to the data protection device.
8. The real-time data protection method as claimed in 1 2 Claims, the result data generatedby the computingdevice being associated with Chinese characters, wherein the test data generated in step E) are in the form of pinyin.
9. A data protection device, comprising: 5 a comparing unit adapted to be coupled to an input device and a computing device, and configured to receive input data from the input device, to store the input data received thereby, and to send the input data to the computing device, the computing device generating 10 result data based on the input data sent thereto by said comparing unit; and a test data-generatingunit coupled to saidcomparing unit, adapted to be coupled to the computing device, and configured to receive the result data from the 15 computing device, to generate test data that correspond to the result data received thereby, and to send the test data generated thereby to said comparing unit; wherein said comparing unit is further configured to receive the test data sent thereto by said test 20 data-generating unit, to compare the test data received thereby to the input data stored thereby, and to indicate that the result data have been modified when it is determined thereby that the test data are not identical to the input data. 25
10. The data protection device as claimed in Claim 9, wherein said comparing unit is further configured to store the result data received by said test 13 data-generating unit from the computing device when it is determined thereby that the test data are identical to the input data.
11. The data protection device as claimed in Claim 9, 5 wherein said comparing unit is further configured to generate a warning message, and to send the warning message generated thereby to the computing device when it is determined thereby that the test data are not identical to the input data, the computing device 10 controlling a display device to show the warningmessage sent to the computing device by said comparing unit.
12. The data protection device as claimed in Claim 9, wherein said comparing unit is further configured to prompt the computing device to discard the result data 15 when it is determined thereby that the test data are not identical to the input data.
13. The data protection device as claimed in Claim 9, the result data generated by the computing device being associated with Chinese characters, wherein the test 20 data generated by said test data-generating unit are in the form of pinyin.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW097140657 | 2008-10-23 | ||
TW097140657A TWI409665B (en) | 2008-10-23 | 2008-10-23 | Enter the information air against the protection method and its hardware |
Publications (2)
Publication Number | Publication Date |
---|---|
AU2009222588A1 true AU2009222588A1 (en) | 2010-05-13 |
AU2009222588B2 AU2009222588B2 (en) | 2010-12-09 |
Family
ID=41531788
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU2009222588A Ceased AU2009222588B2 (en) | 2008-10-23 | 2009-10-05 | Real-time data protection method and data protection device for implementing the same |
Country Status (8)
Country | Link |
---|---|
US (1) | US20100107248A1 (en) |
EP (1) | EP2184697B1 (en) |
JP (2) | JP2010102710A (en) |
KR (1) | KR101067506B1 (en) |
AU (1) | AU2009222588B2 (en) |
BR (1) | BRPI0904230A2 (en) |
SG (1) | SG161167A1 (en) |
TW (1) | TWI409665B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI409634B (en) * | 2008-11-28 | 2013-09-21 | Shrisinha Technology Corp | Data hiding protection method and its hardware |
TW201512894A (en) * | 2013-09-24 | 2015-04-01 | hong-jian Zhou | Data access system and data and instruction transmission device thereof |
WO2024071927A1 (en) * | 2022-09-28 | 2024-04-04 | 삼성전자 주식회사 | Electronic device and data protection method using same |
Family Cites Families (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE3742117A1 (en) * | 1987-12-11 | 1989-06-22 | Siemens Ag | Data transmission device with secure signalling |
US5157780A (en) * | 1990-06-12 | 1992-10-20 | Advanced Micro Devices, Inc. | Master-slave checking system |
US5870467A (en) * | 1994-09-16 | 1999-02-09 | Kabushiki Kaisha Toshiba | Method and apparatus for data input/output management suitable for protection of electronic writing data |
WO1997016779A2 (en) * | 1995-11-03 | 1997-05-09 | Esd Information Technology Entwicklungs Gmbh | Input security and transactions unit and process for input security and transactions involving digital information |
TW531703B (en) * | 1999-06-17 | 2003-05-11 | Inventec Corp | Dynamic protection method for document |
JP2001297039A (en) * | 2000-04-12 | 2001-10-26 | Matsushita Electric Ind Co Ltd | Data processor |
US7958376B2 (en) * | 2000-11-02 | 2011-06-07 | Ati Technologies Ulc | Write once system and method for facilitating digital encrypted transmissions |
WO2003021466A1 (en) * | 2001-08-28 | 2003-03-13 | Friedman, Mark, M. | Computer black box |
US7003672B2 (en) * | 2001-09-25 | 2006-02-21 | Hewlett-Packard Development Company, L.P. | Authentication and verification for use of software |
US7526654B2 (en) * | 2001-10-16 | 2009-04-28 | Marc Charbonneau | Method and system for detecting a secure state of a computer system |
US20030208686A1 (en) * | 2002-05-06 | 2003-11-06 | Thummalapally Damodar R. | Method of data protection |
US7337471B2 (en) * | 2002-10-07 | 2008-02-26 | Symantec Corporation | Selective detection of malicious computer code |
US7626574B2 (en) * | 2003-01-22 | 2009-12-01 | Kim Min-Kyum | Apparatus and method for inputting alphabet characters |
US7885407B2 (en) * | 2003-09-19 | 2011-02-08 | Sony Corporation | Transmitting apparatus, receiving apparatus, and data transmission system |
US7366916B2 (en) * | 2003-09-20 | 2008-04-29 | Avaya Technology Corp. | Method and apparatus for an encrypting keyboard |
US7398399B2 (en) * | 2003-12-12 | 2008-07-08 | International Business Machines Corporation | Apparatus, methods and computer programs for controlling performance of operations within a data processing system or network |
US7428557B2 (en) * | 2004-03-22 | 2008-09-23 | Microsoft Corporation | Efficient data transfer to/from storage medium of computing device |
CA2564576A1 (en) * | 2004-04-26 | 2005-11-03 | Trek 2000 International Ltd. | Portable data storage device with encryption system |
KR20060028500A (en) * | 2004-09-24 | 2006-03-30 | 주식회사 케이티 | Apparatus and its method for verifying input data of application program on real-time |
KR100748434B1 (en) * | 2004-11-29 | 2007-08-10 | 주식회사 안철수연구소 | Method and device for protecting file data by using real time decryption technics |
US20060130154A1 (en) * | 2004-11-30 | 2006-06-15 | Wai Lam | Method and system for protecting and verifying stored data |
TWI265712B (en) * | 2004-12-17 | 2006-11-01 | Carry Computer Eng Co Ltd | Storage device having independent storage areas and password protection method thereof |
US7645471B2 (en) * | 2005-10-03 | 2010-01-12 | Westway Trading Corporation | Processes for coating an animal feed to obtain coated animal feed products |
CA2571450A1 (en) * | 2005-12-21 | 2007-06-21 | Nervo Security | Encrypted keyboard |
KR100663034B1 (en) * | 2005-12-26 | 2007-01-02 | 주식회사 안철수연구소 | Method and system for detecting change of code in memory |
-
2008
- 2008-10-23 TW TW097140657A patent/TWI409665B/en not_active IP Right Cessation
-
2009
- 2009-10-05 AU AU2009222588A patent/AU2009222588B2/en not_active Ceased
- 2009-10-09 KR KR1020090095942A patent/KR101067506B1/en active IP Right Grant
- 2009-10-09 EP EP09172696A patent/EP2184697B1/en not_active Not-in-force
- 2009-10-09 BR BRPI0904230-0A patent/BRPI0904230A2/en not_active IP Right Cessation
- 2009-10-12 SG SG200906793-5A patent/SG161167A1/en unknown
- 2009-10-21 US US12/603,538 patent/US20100107248A1/en not_active Abandoned
- 2009-10-22 JP JP2009243515A patent/JP2010102710A/en active Pending
-
2012
- 2012-06-07 JP JP2012130011A patent/JP2012164368A/en active Pending
Also Published As
Publication number | Publication date |
---|---|
AU2009222588B2 (en) | 2010-12-09 |
JP2010102710A (en) | 2010-05-06 |
EP2184697B1 (en) | 2012-08-29 |
SG161167A1 (en) | 2010-05-27 |
JP2012164368A (en) | 2012-08-30 |
BRPI0904230A2 (en) | 2011-06-14 |
EP2184697A1 (en) | 2010-05-12 |
US20100107248A1 (en) | 2010-04-29 |
TW201017469A (en) | 2010-05-01 |
KR20100045372A (en) | 2010-05-03 |
TWI409665B (en) | 2013-09-21 |
KR101067506B1 (en) | 2011-09-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6785818B1 (en) | Thwarting malicious registry mapping modifications and map-loaded module masquerade attacks | |
US11188650B2 (en) | Detection of malware using feature hashing | |
US8955121B2 (en) | System, method, and computer program product for dynamically adjusting a level of security applied to a system | |
US7739682B1 (en) | Systems and methods for selectively blocking application installation | |
US8793682B2 (en) | Methods, systems, and computer program products for controlling software application installations | |
US20170149830A1 (en) | Apparatus and method for automatically generating detection rule | |
US8332943B2 (en) | Tiered object-related trust decisions | |
US7111246B2 (en) | User interface accorded to tiered object-related trust decisions | |
US8776236B2 (en) | System and method for providing storage device-based advanced persistent threat (APT) protection | |
US7475260B2 (en) | Method and apparatus for protecting sensitive information in a log file | |
US8448260B1 (en) | Electronic clipboard protection | |
US8078909B1 (en) | Detecting file system layout discrepancies | |
CN102713853B (en) | Use the aggressiveness that the behavior of file popularity degree notice is soundd out | |
WO2007125422A2 (en) | System and method for enforcing a security context on a downloadable | |
CN105224862A (en) | A kind of hold-up interception method of office shear plate and device | |
US20190104157A1 (en) | Chatbot interface for network security software application | |
AU2009222588B2 (en) | Real-time data protection method and data protection device for implementing the same | |
KR100496462B1 (en) | Method for protecting from keystroke logging | |
US8732821B1 (en) | Method and apparatus for preventing accidential disclosure of confidential information via visual representation objects | |
CN110955894B (en) | Malicious content detection method and device, electronic equipment and readable storage medium | |
US11816213B2 (en) | System and method for improved protection against malicious code elements | |
US20070294396A1 (en) | Method and system for researching pestware spread through electronic messages | |
KR20100018021A (en) | Hacking protection method in terms of registry with its proxy changes |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FGA | Letters patent sealed or granted (standard patent) | ||
MK14 | Patent ceased section 143(a) (annual fees not paid) or expired |